🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM. - GitHub - WerWolv/ImHex: 🔍 A Hex Editor for Reverse Engineers, Programmers and people who...

Windows Tokens are used for authentication and assigning privileges to windows programs. Understanding token manipulation is essential to detect malicious behaviours. Security professionals can use the wintoken library for token manipulation.

Because we all know the best way to keep your data safe is by blowing it up, right?

Title A vulnerability in Linux kernel mainline v5.18-rc1 through v5.19-rc6 does not clear statically allocated variables in the block starting symbol (.bss) due to a failed early_xen_iret_patch leading to an asm_exc_page_fault, or arbitrary code execution…

Contribute to tastypepperoni/RunAsWinTcb development by creating an account on GitHub.

Tired of looking at hex all day and popping '\x41's? Rather look at Lugia/Charmander? I have the solution for you. - GitHub - Techryptic/Pokemon-Shellcode-Loader: Tired of looking a...

CQ, a code security scanner. Contribute to chris-anley/cq development by creating an account on GitHub.

31/07/2022

Recently, there was a GET Flooding Attack-type DDoS attack case on a web services company for about 20 hours. Various attack traffics were detected on the login page which caused serious load on the server and ended up paralyzing the entire login function.…

Table of Contents Introduction A word of advice Why should you build a home lab? Things you need to consider Hardware Hunting for Hardware Network Software Virtualization Software Network Virtual Devices Operating Systems Windows Unix and *Nix Apple Mac OS…

Automatic SSTI detection tool with interactive interface - GitHub - vladko312/SSTImap: Automatic SSTI detection tool with interactive interface

A vade mecum for all things Threat Modeling.

Insider threats are one of the most difficult risks for security teams to manage because most employees require some level of trust and privileges to perform their roles. Managing this risk involves detecting and containing the undesirable behavior of trusted…

Mara is a userland pty/tty sniffer. Contribute to io-tl/Mara development by creating an account on GitHub.

We developed a robust detection method in Microsoft Defender for Endpoint that can catch known and unknown variations of a process execution class used by attackers to evade detection. This class of stealthy execution techniques include process doppelganging…

Introduction In part three of this series, we will analyse Brute Ratel, a command and control framework developed by Dark Vortex. As the C2 is lesser known, we can see...

Beside bug fixes this release introduces many new features and it was so much fun working on it. We think this release is very beautiful and we are really proud of it! You are invited to celebrate ...